Missing return statement in non-void function
ID |
c.miscellaneous.missing_return |
Severity |
low |
Resource |
Miscellaneous |
Language |
C / C++ |
Description
A non-void function does not have a return statement. Hence, its return value can be considered undefined.
Rationale
A non-void function does not have a return statement. Hence, its return value can be considered undefined.
The following code illustrates a vulnerable pattern detected by this rule:
int baddie(int foo);
// VULNERABLE: Missing return statement in non-void function
int bad1(void)
{
printf("Hello, World!");
}Remediation
Follow secure coding practices and review the references below for detailed remediation guidance.
References
-
OWASP Top 10 2021 - A04 : Insecure Design.